CP
cyberpings

Everest Ransomware - Major Breaches at Citizens and Frost Bank

Major breaches at Citizens Financial Group and Frost Bank have been linked to Everest ransomware, exposing millions of customer records. Customers should take immediate action to protect their data.

Malware & RansomwareHIGHUpdated: Published:
Featured image for Everest Ransomware - Major Breaches at Citizens and Frost Bank

Original Reporting

SCSC Media

AI Summary

CyberPings AI·Reviewed by Rohit Rana

🎯Basically, hackers stole sensitive data from two big banks using ransomware.

What Happened

In a significant cybersecurity incident, Citizens Financial Group and Frost Bank have reportedly fallen victim to the Everest ransomware operation. This attack has resulted in the theft of sensitive data from both financial institutions, with the hackers threatening to expose the stolen information by April 26, 2026.

Who's Affected

The breach at Citizens Financial Group is particularly alarming, with claims that nearly 3.4 million records have been compromised. The stolen data includes full names, home addresses, account numbers, and internal document flags. Meanwhile, Frost Bank has reported that approximately 250,000 customers are affected, with exposed information including Social Security numbers, tax identification numbers, and mortgage interest rates.

What Data Was Exposed

The data breach has revealed a wealth of sensitive information: Citizens Bank has stated that the compromised data originated from an attack on a third-party vendor, leading to the theft of masked test data and limited customer information. However, they deny any breach of their own systems.

📁

Citizens Financial Group

Full names, home addresses, account numbers, internal document flags.

👤

Frost Bank

Social Security numbers, tax identification numbers, mortgage interest rates, names, and addresses.

What You Should Do

With the threat of data exposure looming, customers of both banks should take immediate precautions: Citizens Financial Group has already begun implementing additional safeguards as part of an ongoing investigation into the breach. This incident highlights the growing threat of ransomware attacks targeting financial institutions, following a pattern seen in previous attacks on companies like Nissan and BMW. As ransomware tactics evolve, vigilance and proactive measures are essential to protect sensitive data.

Detection

  • 1.Monitor your accounts: Regularly check bank statements for unauthorized transactions.
  • 2.Change passwords: Update your online banking passwords and enable two-factor authentication.

🔒 Pro Insight

🔒 Pro insight: The Everest ransomware operation's targeting of financial institutions indicates a shift towards high-value data exploitation, necessitating enhanced security measures.

SCSC Media
Read Original

Share

Related Pings

Preview image for DPRK Fake Job Scams Self-Propagate via Malware Worm
Malware & Ransomware
HIGH

DPRK Fake Job Scams Self-Propagate via Malware Worm

A new malware wave linked to DPRK is spreading through fake job scams. Job seekers are at risk as compromised repositories infect devices. Awareness and caution are essential to avoid falling victim.

DRDark Reading
Read PingRead Source
Preview image for The Gentlemen Ransomware - Rapidly Rising to Prominence
Malware & Ransomware
HIGH

The Gentlemen Ransomware - Rapidly Rising to Prominence

A new ransomware group, The Gentlemen, is quickly gaining notoriety for its advanced tactics and rapid scaling. Organizations are at risk as this group expands its operations. Staying vigilant and enhancing cybersecurity measures is essential to combat this rising threat.

DRDark Reading
Read PingRead Source
Preview image for North Korean Hackers - $12 Million Crypto Theft Uncovered
Malware & Ransomware
HIGH

North Korean Hackers - $12 Million Crypto Theft Uncovered

North Korean hackers have stolen over $12 million from crypto users through malware attacks. Targeting web developers, they exploited fake job offers to spread their malware. This ongoing threat highlights the need for vigilance in the cryptocurrency sector.

TRThe Record
Read PingRead Source
Preview image for Fake GitHub Repositories - Delivering SmartLoader and StealC
Malware & Ransomware
HIGH

Fake GitHub Repositories - Delivering SmartLoader and StealC

A large-scale malware campaign has been uncovered involving 109 fake GitHub repositories. Users were tricked into downloading SmartLoader and StealC malware. This poses serious risks for developers and security professionals alike. Immediate protective measures are essential.

CSCyber Security News
Read PingRead Source
Preview image for Auraboros RAT - Exposes Keylogging and Cookie Hijacking
Malware & Ransomware
HIGH

Auraboros RAT - Exposes Keylogging and Cookie Hijacking

A new RAT called Auraboros exposes serious vulnerabilities, including keylogging and cookie hijacking. This malware operates without any security measures, putting users at risk. Immediate action is needed to secure systems against this threat.

CSCyber Security News
Read PingRead Source
Preview image for DinDoor Backdoor - Abusing Deno Runtime for Stealthy Attacks
Malware & Ransomware
HIGH

DinDoor Backdoor - Abusing Deno Runtime for Stealthy Attacks

DinDoor backdoor exploits Deno runtime to bypass security. This stealthy malware targets systems, making detection difficult. Organizations must enhance monitoring and controls.

CSCyber Security News
Read PingRead Source